aws-sdk-core 3.130.2 → 3.132.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: ff22a0d39db864fb7a965fedeb1f45730a70840d8ae4475e2222529604e3a707
4
- data.tar.gz: 90117e48ef4377412254102c08d95718c14b407c64be26b8bb0c62b4b349bfa2
3
+ metadata.gz: 834ced1c0e2ea4d743b2fc0cbe70ed75d6bcf57385521cd3c6ecded7e2eba288
4
+ data.tar.gz: cb7e8f63bc55a0ac685f0c1545fe95433e1b9a6397f4a41d264e3e01364772c0
5
5
  SHA512:
6
- metadata.gz: dded90c284f709ca41f859ffb832c243728e2d19d630a84c6ba960052e8004af3e90c292f307c8ab76d2f0578ae2259402c4b96ad3a73c7a7e48e9b72c23a919
7
- data.tar.gz: bf2b97dc6ce9aafca32582f0e06b0245bf0741f897cfe1ebadf7369f1e7344604247803b396aedc6da37415594baacdce933cd22afba09abc61684884dafe135
6
+ metadata.gz: 4363ba1ee176a0656ca650ece2c0f816ccdb2e1dedc95db49c67d1277b90a6f797f5fbe3c7096de2a7b0335b47d02bfe127ea94d07f00961ce6e5b8a6380b120
7
+ data.tar.gz: 42518b3ea0ba92f776c1422f1c87b300c6bcd916e220184378b139987c5e00ad41d801231b1ce0c7c77ff88fa202de0bc22bb451887e00fbe6598f01cac5163d
data/CHANGELOG.md CHANGED
@@ -1,6 +1,47 @@
1
1
  Unreleased Changes
2
2
  ------------------
3
3
 
4
+ 3.132.0 (2022-08-08)
5
+ ------------------
6
+
7
+ * Feature - Updated Aws::SSO::Client with the latest API changes.
8
+
9
+ 3.131.6 (2022-08-03)
10
+ ------------------
11
+
12
+ * Issue - Fix typo in `RecursionDetection`, change amz to amzn in header and env name.
13
+
14
+ 3.131.5 (2022-07-28)
15
+ ------------------
16
+
17
+ * Issue - Fix `to_json` usage in nested hashes by defining `as_json` (#2733).
18
+
19
+ 3.131.4 (2022-07-27)
20
+ ------------------
21
+
22
+ * Issue - Fix `to_json` usage on pageable responses when using Rails (#2733).
23
+ * Issue - Use `expand_path` on credential/config paths in SharedConfig (#2735).
24
+
25
+ 3.131.3 (2022-07-18)
26
+ ------------------
27
+
28
+ * Issue - Add support for serializing shapes on the body with `jsonvalue` members.
29
+
30
+ 3.131.2 (2022-06-20)
31
+ ------------------
32
+
33
+ * Issue - Populate context :request_id for XML error responses.
34
+
35
+ 3.131.1 (2022-05-20)
36
+ ------------------
37
+
38
+ * Issue - Bump the minimum version of `jmespath` dependency.
39
+
40
+ 3.131.0 (2022-05-16)
41
+ ------------------
42
+
43
+ * Feature - Updated Aws::STS::Client with the latest API changes.
44
+
4
45
  3.130.2 (2022-04-22)
5
46
  ------------------
6
47
 
@@ -50,7 +91,7 @@ Unreleased Changes
50
91
  3.126.2 (2022-02-16)
51
92
  ------------------
52
93
 
53
- * Issue - Add a before_refresh callback to AssumeRoleCredentials (#2529).
94
+ * Issue - Add a before_refresh callback to AssumeRoleCredentials (#2529).
54
95
  * Issue - Raise a `NoSuchProfileError` when config and credentials files don't exist.
55
96
 
56
97
  3.126.1 (2022-02-14)
data/VERSION CHANGED
@@ -1 +1 @@
1
- 3.130.2
1
+ 3.132.0
@@ -3,25 +3,20 @@
3
3
  require 'set'
4
4
 
5
5
  module Aws
6
-
7
- # An auto-refreshing credential provider that works by assuming
8
- # a role via {Aws::STS::Client#assume_role}.
6
+ # An auto-refreshing credential provider that assumes a role via
7
+ # {Aws::STS::Client#assume_role}.
9
8
  #
10
9
  # role_credentials = Aws::AssumeRoleCredentials.new(
11
10
  # client: Aws::STS::Client.new(...),
12
11
  # role_arn: "linked::account::arn",
13
12
  # role_session_name: "session-name"
14
13
  # )
15
- #
16
14
  # ec2 = Aws::EC2::Client.new(credentials: role_credentials)
17
15
  #
18
- # If you omit `:client` option, a new {STS::Client} object will be
19
- # constructed.
16
+ # If you omit `:client` option, a new {Aws::STS::Client} object will be
17
+ # constructed with additional options that were provided.
20
18
  #
21
- # The AssumeRoleCredentials also provides a `before_refresh` callback
22
- # that can be used to help manage refreshing tokens.
23
- # `before_refresh` is called when AWS credentials are required and need
24
- # to be refreshed and it is called with the AssumeRoleCredentials object.
19
+ # @see Aws::STS::Client#assume_role
25
20
  class AssumeRoleCredentials
26
21
 
27
22
  include CredentialProvider
@@ -5,9 +5,8 @@ require 'securerandom'
5
5
  require 'base64'
6
6
 
7
7
  module Aws
8
-
9
- # An auto-refreshing credential provider that works by assuming
10
- # a role via {Aws::STS::Client#assume_role_with_web_identity}.
8
+ # An auto-refreshing credential provider that assumes a role via
9
+ # {Aws::STS::Client#assume_role_with_web_identity}.
11
10
  #
12
11
  # role_credentials = Aws::AssumeRoleWebIdentityCredentials.new(
13
12
  # client: Aws::STS::Client.new(...),
@@ -16,12 +15,12 @@ module Aws
16
15
  # role_session_name: "session-name"
17
16
  # ...
18
17
  # )
19
- # For full list of parameters accepted
20
- # @see Aws::STS::Client#assume_role_with_web_identity
18
+ # ec2 = Aws::EC2::Client.new(credentials: role_credentials)
21
19
  #
20
+ # If you omit `:client` option, a new {Aws::STS::Client} object will be
21
+ # constructed with additional options that were provided.
22
22
  #
23
- # If you omit `:client` option, a new {STS::Client} object will be
24
- # constructed.
23
+ # @see Aws::STS::Client#assume_role_with_web_identity
25
24
  class AssumeRoleWebIdentityCredentials
26
25
 
27
26
  include CredentialProvider
@@ -4,6 +4,11 @@ require 'time'
4
4
  require 'net/http'
5
5
 
6
6
  module Aws
7
+ # An auto-refreshing credential provider that loads credentials from
8
+ # instances running in ECS.
9
+ #
10
+ # ecs_credentials = Aws::ECSCredentials.new(retries: 3)
11
+ # ec2 = Aws::EC2::Client.new(credentials: ecs_credentials)
7
12
  class ECSCredentials
8
13
 
9
14
  include CredentialProvider
@@ -4,6 +4,11 @@ require 'time'
4
4
  require 'net/http'
5
5
 
6
6
  module Aws
7
+ # An auto-refreshing credential provider that loads credentials from
8
+ # EC2 instances.
9
+ #
10
+ # instance_credentials = Aws::InstanceProfileCredentials.new
11
+ # ec2 = Aws::EC2::Client.new(credentials: instance_credentials)
7
12
  class InstanceProfileCredentials
8
13
  include CredentialProvider
9
14
  include RefreshingCredentials
@@ -146,6 +146,13 @@ module Aws
146
146
  data.to_h
147
147
  end
148
148
 
149
+ def as_json(_options = {})
150
+ data.to_h(data, as_json: true)
151
+ end
152
+
153
+ def to_json(options = {})
154
+ as_json.to_json(options)
155
+ end
149
156
  end
150
157
 
151
158
  # The actual decorator module implementation. It is in a distinct module
@@ -11,15 +11,43 @@ module Aws
11
11
 
12
12
  def call(context)
13
13
  context.operation.input.shape.members.each do |m, ref|
14
- if ref['jsonvalue']
15
- param_value = context.params[m]
16
- unless param_value.respond_to?(:to_json)
17
- raise ArgumentError, "The value of params[#{m}] is not JSON serializable."
14
+ convert_jsonvalue(m, ref, context.params, 'params')
15
+ end
16
+ @handler.call(context)
17
+ end
18
+
19
+ def convert_jsonvalue(m, ref, params, context)
20
+ return if params.nil? || !params.key?(m)
21
+
22
+ if ref['jsonvalue']
23
+ params[m] = serialize_jsonvalue(params[m], "#{context}[#{m}]")
24
+ else
25
+ case ref.shape
26
+ when Seahorse::Model::Shapes::StructureShape
27
+ ref.shape.members.each do |member_m, ref|
28
+ convert_jsonvalue(member_m, ref, params[m], "#{context}[#{m}]")
29
+ end
30
+ when Seahorse::Model::Shapes::ListShape
31
+ if ref.shape.member['jsonvalue']
32
+ params[m] = params[m].each_with_index.map do |v, i|
33
+ serialize_jsonvalue(v, "#{context}[#{m}][#{i}]")
34
+ end
35
+ end
36
+ when Seahorse::Model::Shapes::MapShape
37
+ if ref.shape.value['jsonvalue']
38
+ params[m].each do |k, v|
39
+ params[m][k] = serialize_jsonvalue(v, "#{context}[#{m}][#{k}]")
40
+ end
18
41
  end
19
- context.params[m] = param_value.to_json
20
42
  end
21
43
  end
22
- @handler.call(context)
44
+ end
45
+
46
+ def serialize_jsonvalue(v, context)
47
+ unless v.respond_to?(:to_json)
48
+ raise ArgumentError, "The value of #{context} is not JSON serializable."
49
+ end
50
+ v.to_json
23
51
  end
24
52
 
25
53
  end
@@ -9,10 +9,10 @@ module Aws
9
9
  class Handler < Seahorse::Client::Handler
10
10
  def call(context)
11
11
 
12
- unless context.http_request.headers.key?('x-amz-trace-id')
12
+ unless context.http_request.headers.key?('x-amzn-trace-id')
13
13
  if ENV['AWS_LAMBDA_FUNCTION_NAME'] &&
14
- (trace_id = ENV['_X_AMZ_TRACE_ID'])
15
- context.http_request.headers['x-amz-trace-id'] = trace_id
14
+ (trace_id = ENV['_X_AMZN_TRACE_ID'])
15
+ context.http_request.headers['x-amzn-trace-id'] = trace_id
16
16
  end
17
17
  end
18
18
  @handler.call(context)
@@ -1,19 +1,16 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Aws
4
-
5
4
  # A credential provider that executes a given process and attempts
6
- # to read its stdout to recieve a JSON payload containing the credentials
7
- #
8
- # Automatically handles refreshing credentials if an Expiration time is
9
- # provided in the credentials payload
10
- #
11
- # credentials = Aws::ProcessCredentials.new('/usr/bin/credential_proc').credentials
5
+ # to read its stdout to recieve a JSON payload containing the credentials.
12
6
  #
7
+ # credentials = Aws::ProcessCredentials.new('/usr/bin/credential_proc')
13
8
  # ec2 = Aws::EC2::Client.new(credentials: credentials)
14
9
  #
15
- # More documentation on process based credentials can be found here:
16
- # https://docs.aws.amazon.com/cli/latest/topic/config-vars.html#sourcing-credentials-from-external-processes
10
+ # Automatically handles refreshing credentials if an Expiration time is
11
+ # provided in the credentials payload.
12
+ #
13
+ # @see https://docs.aws.amazon.com/cli/latest/topic/config-vars.html#sourcing-credentials-from-external-processes
17
14
  class ProcessCredentials
18
15
 
19
16
  include CredentialProvider
@@ -17,7 +17,7 @@ module Aws
17
17
 
18
18
  def apply_request_id(context)
19
19
  h = context.http_response.headers
20
- context[:request_id] = h['x-amz-request-id'] || h['x-amzn-requestid']
20
+ context[:request_id] ||= h['x-amz-request-id'] || h['x-amzn-requestid']
21
21
  end
22
22
 
23
23
  end
@@ -51,10 +51,12 @@ module Aws
51
51
  @config_enabled = options[:config_enabled]
52
52
  @credentials_path = options[:credentials_path] ||
53
53
  determine_credentials_path
54
+ @credentials_path = File.expand_path(@credentials_path) if @credentials_path
54
55
  @parsed_credentials = {}
55
56
  load_credentials_file if loadable?(@credentials_path)
56
57
  if @config_enabled
57
58
  @config_path = options[:config_path] || determine_config_path
59
+ @config_path = File.expand_path(@config_path) if @config_path
58
60
  load_config_file if loadable?(@config_path)
59
61
  end
60
62
  end
@@ -1,17 +1,12 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Aws
4
- # An auto-refreshing credential provider that works by assuming a
5
- # role via {Aws::SSO::Client#get_role_credentials} using a cached access
6
- # token. This class does NOT implement the SSO login token flow - tokens
4
+ # An auto-refreshing credential provider that assumes a role via
5
+ # {Aws::SSO::Client#get_role_credentials} using a cached access
6
+ # token. This class does NOT implement the SSO login token flow - tokens
7
7
  # must generated and refreshed separately by running `aws login` from the
8
8
  # AWS CLI with the correct profile.
9
9
  #
10
- # For more background on AWS SSO see the official
11
- # {https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html what is SSO Userguide}
12
- #
13
- # ## Refreshing Credentials from SSO
14
- #
15
10
  # The `SSOCredentials` will auto-refresh the AWS credentials from SSO. In
16
11
  # addition to AWS credentials expiring after a given amount of time, the
17
12
  # access token generated and cached from `aws login` will also expire.
@@ -20,7 +15,6 @@ module Aws
20
15
  # the token value, but this can be done by running `aws login` with the
21
16
  # correct profile.
22
17
  #
23
- #
24
18
  # # You must first run aws sso login --profile your-sso-profile
25
19
  # sso_credentials = Aws::SSOCredentials.new(
26
20
  # sso_account_id: '123456789',
@@ -28,11 +22,13 @@ module Aws
28
22
  # sso_region: "us-east-1",
29
23
  # sso_start_url: 'https://your-start-url.awsapps.com/start'
30
24
  # )
31
- #
32
25
  # ec2 = Aws::EC2::Client.new(credentials: sso_credentials)
33
26
  #
34
- # If you omit `:client` option, a new {SSO::Client} object will be
35
- # constructed.
27
+ # If you omit `:client` option, a new {Aws::SSO::Client} object will be
28
+ # constructed with additional options that were provided.
29
+ #
30
+ # @see Aws::SSO::Client#get_role_credentials
31
+ # @see https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html
36
32
  class SSOCredentials
37
33
 
38
34
  include CredentialProvider
@@ -28,18 +28,20 @@ module Aws
28
28
  # in stdlib Struct.
29
29
  #
30
30
  # @return [Hash]
31
- def to_h(obj = self)
31
+ def to_h(obj = self, options = {})
32
32
  case obj
33
33
  when Struct
34
34
  obj.each_pair.with_object({}) do |(member, value), hash|
35
- hash[member] = to_hash(value) unless value.nil?
35
+ member = member.to_s if options[:as_json]
36
+ hash[member] = to_hash(value, options) unless value.nil?
36
37
  end
37
38
  when Hash
38
39
  obj.each.with_object({}) do |(key, value), hash|
39
- hash[key] = to_hash(value)
40
+ key = key.to_s if options[:as_json]
41
+ hash[key] = to_hash(value, options)
40
42
  end
41
43
  when Array
42
- obj.collect { |value| to_hash(value) }
44
+ obj.collect { |value| to_hash(value, options) }
43
45
  else
44
46
  obj
45
47
  end
@@ -24,6 +24,7 @@ module Aws
24
24
  else
25
25
  code, message, data = extract_error(body, context)
26
26
  end
27
+ context[:request_id] = request_id(body)
27
28
  errors_module = context.client.class.errors_module
28
29
  error_class = errors_module.error_class(code).new(context, message, data)
29
30
  error_class
@@ -94,6 +95,12 @@ module Aws
94
95
  end
95
96
  end
96
97
 
98
+ def request_id(body)
99
+ if matches = body.match(/<RequestId>(.+?)<\/RequestId>/m)
100
+ matches[1]
101
+ end
102
+ end
103
+
97
104
  def unescape(str)
98
105
  CGI.unescapeHTML(str)
99
106
  end
@@ -358,11 +358,13 @@ module Aws::SSO
358
358
  # The friendly name of the role that is assigned to the user.
359
359
  #
360
360
  # @option params [required, String] :account_id
361
- # The identifier for the AWS account that is assigned to the user.
361
+ # The identifier for the Amazon Web Services account that is assigned to
362
+ # the user.
362
363
  #
363
364
  # @option params [required, String] :access_token
364
365
  # The token issued by the `CreateToken` API call. For more information,
365
- # see [CreateToken][1] in the *AWS SSO OIDC API Reference Guide*.
366
+ # see [CreateToken][1] in the *Amazon Web Services SSO OIDC API
367
+ # Reference Guide*.
366
368
  #
367
369
  #
368
370
  #
@@ -396,7 +398,8 @@ module Aws::SSO
396
398
  req.send_request(options)
397
399
  end
398
400
 
399
- # Lists all roles that are assigned to the user for a given AWS account.
401
+ # Lists all roles that are assigned to the user for a given Amazon Web
402
+ # Services account.
400
403
  #
401
404
  # @option params [String] :next_token
402
405
  # The page token from the previous response output when you request
@@ -407,14 +410,16 @@ module Aws::SSO
407
410
  #
408
411
  # @option params [required, String] :access_token
409
412
  # The token issued by the `CreateToken` API call. For more information,
410
- # see [CreateToken][1] in the *AWS SSO OIDC API Reference Guide*.
413
+ # see [CreateToken][1] in the *Amazon Web Services SSO OIDC API
414
+ # Reference Guide*.
411
415
  #
412
416
  #
413
417
  #
414
418
  # [1]: https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/API_CreateToken.html
415
419
  #
416
420
  # @option params [required, String] :account_id
417
- # The identifier for the AWS account that is assigned to the user.
421
+ # The identifier for the Amazon Web Services account that is assigned to
422
+ # the user.
418
423
  #
419
424
  # @return [Types::ListAccountRolesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
420
425
  #
@@ -448,10 +453,11 @@ module Aws::SSO
448
453
  req.send_request(options)
449
454
  end
450
455
 
451
- # Lists all AWS accounts assigned to the user. These AWS accounts are
452
- # assigned by the administrator of the account. For more information,
453
- # see [Assign User Access][1] in the *AWS SSO User Guide*. This
454
- # operation returns a paginated response.
456
+ # Lists all Amazon Web Services accounts assigned to the user. These
457
+ # Amazon Web Services accounts are assigned by the administrator of the
458
+ # account. For more information, see [Assign User Access][1] in the
459
+ # *Amazon Web Services SSO User Guide*. This operation returns a
460
+ # paginated response.
455
461
  #
456
462
  #
457
463
  #
@@ -466,7 +472,8 @@ module Aws::SSO
466
472
  #
467
473
  # @option params [required, String] :access_token
468
474
  # The token issued by the `CreateToken` API call. For more information,
469
- # see [CreateToken][1] in the *AWS SSO OIDC API Reference Guide*.
475
+ # see [CreateToken][1] in the *Amazon Web Services SSO OIDC API
476
+ # Reference Guide*.
470
477
  #
471
478
  #
472
479
  #
@@ -504,12 +511,33 @@ module Aws::SSO
504
511
  req.send_request(options)
505
512
  end
506
513
 
507
- # Removes the client- and server-side session that is associated with
508
- # the user.
514
+ # Removes the locally stored SSO tokens from the client-side cache and
515
+ # sends an API call to the Amazon Web Services SSO service to invalidate
516
+ # the corresponding server-side Amazon Web Services SSO sign in session.
517
+ #
518
+ # <note markdown="1"> If a user uses Amazon Web Services SSO to access the AWS CLI, the
519
+ # user’s Amazon Web Services SSO sign in session is used to obtain an
520
+ # IAM session, as specified in the corresponding Amazon Web Services SSO
521
+ # permission set. More specifically, Amazon Web Services SSO assumes an
522
+ # IAM role in the target account on behalf of the user, and the
523
+ # corresponding temporary Amazon Web Services credentials are returned
524
+ # to the client.
525
+ #
526
+ # After user logout, any existing IAM role sessions that were created by
527
+ # using Amazon Web Services SSO permission sets continue based on the
528
+ # duration configured in the permission set. For more information, see
529
+ # [User authentications][1] in the *Amazon Web Services SSO User Guide*.
530
+ #
531
+ # </note>
532
+ #
533
+ #
534
+ #
535
+ # [1]: https://docs.aws.amazon.com/singlesignon/latest/userguide/authconcept.html
509
536
  #
510
537
  # @option params [required, String] :access_token
511
538
  # The token issued by the `CreateToken` API call. For more information,
512
- # see [CreateToken][1] in the *AWS SSO OIDC API Reference Guide*.
539
+ # see [CreateToken][1] in the *Amazon Web Services SSO OIDC API
540
+ # Reference Guide*.
513
541
  #
514
542
  #
515
543
  #
@@ -545,7 +573,7 @@ module Aws::SSO
545
573
  params: params,
546
574
  config: config)
547
575
  context[:gem_name] = 'aws-sdk-core'
548
- context[:gem_version] = '3.130.2'
576
+ context[:gem_version] = '3.132.0'
549
577
  Seahorse::Client::Request.new(handlers, context)
550
578
  end
551
579
 
@@ -10,18 +10,21 @@
10
10
  module Aws::SSO
11
11
  module Types
12
12
 
13
- # Provides information about your AWS account.
13
+ # Provides information about your Amazon Web Services account.
14
14
  #
15
15
  # @!attribute [rw] account_id
16
- # The identifier of the AWS account that is assigned to the user.
16
+ # The identifier of the Amazon Web Services account that is assigned
17
+ # to the user.
17
18
  # @return [String]
18
19
  #
19
20
  # @!attribute [rw] account_name
20
- # The display name of the AWS account that is assigned to the user.
21
+ # The display name of the Amazon Web Services account that is assigned
22
+ # to the user.
21
23
  # @return [String]
22
24
  #
23
25
  # @!attribute [rw] email_address
24
- # The email address of the AWS account that is assigned to the user.
26
+ # The email address of the Amazon Web Services account that is
27
+ # assigned to the user.
25
28
  # @return [String]
26
29
  #
27
30
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-2019-06-10/AccountInfo AWS API Documentation
@@ -48,13 +51,14 @@ module Aws::SSO
48
51
  # @return [String]
49
52
  #
50
53
  # @!attribute [rw] account_id
51
- # The identifier for the AWS account that is assigned to the user.
54
+ # The identifier for the Amazon Web Services account that is assigned
55
+ # to the user.
52
56
  # @return [String]
53
57
  #
54
58
  # @!attribute [rw] access_token
55
59
  # The token issued by the `CreateToken` API call. For more
56
- # information, see [CreateToken][1] in the *AWS SSO OIDC API Reference
57
- # Guide*.
60
+ # information, see [CreateToken][1] in the *Amazon Web Services SSO
61
+ # OIDC API Reference Guide*.
58
62
  #
59
63
  #
60
64
  #
@@ -118,8 +122,8 @@ module Aws::SSO
118
122
  #
119
123
  # @!attribute [rw] access_token
120
124
  # The token issued by the `CreateToken` API call. For more
121
- # information, see [CreateToken][1] in the *AWS SSO OIDC API Reference
122
- # Guide*.
125
+ # information, see [CreateToken][1] in the *Amazon Web Services SSO
126
+ # OIDC API Reference Guide*.
123
127
  #
124
128
  #
125
129
  #
@@ -127,7 +131,8 @@ module Aws::SSO
127
131
  # @return [String]
128
132
  #
129
133
  # @!attribute [rw] account_id
130
- # The identifier for the AWS account that is assigned to the user.
134
+ # The identifier for the Amazon Web Services account that is assigned
135
+ # to the user.
131
136
  # @return [String]
132
137
  #
133
138
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-2019-06-10/ListAccountRolesRequest AWS API Documentation
@@ -179,8 +184,8 @@ module Aws::SSO
179
184
  #
180
185
  # @!attribute [rw] access_token
181
186
  # The token issued by the `CreateToken` API call. For more
182
- # information, see [CreateToken][1] in the *AWS SSO OIDC API Reference
183
- # Guide*.
187
+ # information, see [CreateToken][1] in the *Amazon Web Services SSO
188
+ # OIDC API Reference Guide*.
184
189
  #
185
190
  #
186
191
  #
@@ -224,8 +229,8 @@ module Aws::SSO
224
229
  #
225
230
  # @!attribute [rw] access_token
226
231
  # The token issued by the `CreateToken` API call. For more
227
- # information, see [CreateToken][1] in the *AWS SSO OIDC API Reference
228
- # Guide*.
232
+ # information, see [CreateToken][1] in the *Amazon Web Services SSO
233
+ # OIDC API Reference Guide*.
229
234
  #
230
235
  #
231
236
  #
@@ -259,7 +264,8 @@ module Aws::SSO
259
264
  # @!attribute [rw] access_key_id
260
265
  # The identifier used for the temporary security credentials. For more
261
266
  # information, see [Using Temporary Security Credentials to Request
262
- # Access to AWS Resources][1] in the *AWS IAM User Guide*.
267
+ # Access to Amazon Web Services Resources][1] in the *Amazon Web
268
+ # Services IAM User Guide*.
263
269
  #
264
270
  #
265
271
  #
@@ -268,8 +274,9 @@ module Aws::SSO
268
274
  #
269
275
  # @!attribute [rw] secret_access_key
270
276
  # The key that is used to sign the request. For more information, see
271
- # [Using Temporary Security Credentials to Request Access to AWS
272
- # Resources][1] in the *AWS IAM User Guide*.
277
+ # [Using Temporary Security Credentials to Request Access to Amazon
278
+ # Web Services Resources][1] in the *Amazon Web Services IAM User
279
+ # Guide*.
273
280
  #
274
281
  #
275
282
  #
@@ -278,8 +285,9 @@ module Aws::SSO
278
285
  #
279
286
  # @!attribute [rw] session_token
280
287
  # The token used for temporary credentials. For more information, see
281
- # [Using Temporary Security Credentials to Request Access to AWS
282
- # Resources][1] in the *AWS IAM User Guide*.
288
+ # [Using Temporary Security Credentials to Request Access to Amazon
289
+ # Web Services Resources][1] in the *Amazon Web Services IAM User
290
+ # Guide*.
283
291
  #
284
292
  #
285
293
  #
@@ -308,7 +316,8 @@ module Aws::SSO
308
316
  # @return [String]
309
317
  #
310
318
  # @!attribute [rw] account_id
311
- # The identifier of the AWS account assigned to the user.
319
+ # The identifier of the Amazon Web Services account assigned to the
320
+ # user.
312
321
  # @return [String]
313
322
  #
314
323
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-2019-06-10/RoleInfo AWS API Documentation
data/lib/aws-sdk-sso.rb CHANGED
@@ -50,6 +50,6 @@ require_relative 'aws-sdk-sso/customizations'
50
50
  # @!group service
51
51
  module Aws::SSO
52
52
 
53
- GEM_VERSION = '3.130.2'
53
+ GEM_VERSION = '3.132.0'
54
54
 
55
55
  end
@@ -2145,6 +2145,14 @@ module Aws::STS
2145
2145
  # Credentials][1] and [Comparing the Amazon Web Services STS API
2146
2146
  # operations][2] in the *IAM User Guide*.
2147
2147
  #
2148
+ # <note markdown="1"> No permissions are required for users to perform this operation. The
2149
+ # purpose of the `sts:GetSessionToken` operation is to authenticate the
2150
+ # user using MFA. You cannot use policies to control authentication
2151
+ # operations. For more information, see [Permissions for
2152
+ # GetSessionToken][3] in the *IAM User Guide*.
2153
+ #
2154
+ # </note>
2155
+ #
2148
2156
  # **Session Duration**
2149
2157
  #
2150
2158
  # The `GetSessionToken` operation must be called by using the long-term
@@ -2170,7 +2178,7 @@ module Aws::STS
2170
2178
  #
2171
2179
  # <note markdown="1"> We recommend that you do not call `GetSessionToken` with Amazon Web
2172
2180
  # Services account root user credentials. Instead, follow our [best
2173
- # practices][3] by creating one or more IAM users, giving them the
2181
+ # practices][4] by creating one or more IAM users, giving them the
2174
2182
  # necessary permissions, and using IAM users for everyday interaction
2175
2183
  # with Amazon Web Services.
2176
2184
  #
@@ -2186,14 +2194,15 @@ module Aws::STS
2186
2194
  #
2187
2195
  # For more information about using `GetSessionToken` to create temporary
2188
2196
  # credentials, go to [Temporary Credentials for Users in Untrusted
2189
- # Environments][4] in the *IAM User Guide*.
2197
+ # Environments][5] in the *IAM User Guide*.
2190
2198
  #
2191
2199
  #
2192
2200
  #
2193
2201
  # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html
2194
2202
  # [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison
2195
- # [3]: https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#create-iam-users
2196
- # [4]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_getsessiontoken
2203
+ # [3]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_getsessiontoken.html
2204
+ # [4]: https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#create-iam-users
2205
+ # [5]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_getsessiontoken
2197
2206
  #
2198
2207
  # @option params [Integer] :duration_seconds
2199
2208
  # The duration, in seconds, that the credentials should remain valid.
@@ -2290,7 +2299,7 @@ module Aws::STS
2290
2299
  params: params,
2291
2300
  config: config)
2292
2301
  context[:gem_name] = 'aws-sdk-core'
2293
- context[:gem_version] = '3.130.2'
2302
+ context[:gem_version] = '3.132.0'
2294
2303
  Seahorse::Client::Request.new(handlers, context)
2295
2304
  end
2296
2305
 
data/lib/aws-sdk-sts.rb CHANGED
@@ -50,6 +50,6 @@ require_relative 'aws-sdk-sts/customizations'
50
50
  # @!group service
51
51
  module Aws::STS
52
52
 
53
- GEM_VERSION = '3.130.2'
53
+ GEM_VERSION = '3.132.0'
54
54
 
55
55
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aws-sdk-core
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.130.2
4
+ version: 3.132.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Amazon Web Services
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-04-22 00:00:00.000000000 Z
11
+ date: 2022-08-08 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: jmespath
@@ -16,14 +16,20 @@ dependencies:
16
16
  requirements:
17
17
  - - "~>"
18
18
  - !ruby/object:Gem::Version
19
- version: '1.0'
19
+ version: '1'
20
+ - - ">="
21
+ - !ruby/object:Gem::Version
22
+ version: 1.6.1
20
23
  type: :runtime
21
24
  prerelease: false
22
25
  version_requirements: !ruby/object:Gem::Requirement
23
26
  requirements:
24
27
  - - "~>"
25
28
  - !ruby/object:Gem::Version
26
- version: '1.0'
29
+ version: '1'
30
+ - - ">="
31
+ - !ruby/object:Gem::Version
32
+ version: 1.6.1
27
33
  - !ruby/object:Gem::Dependency
28
34
  name: aws-partitions
29
35
  requirement: !ruby/object:Gem::Requirement